From 221c0e479d99b81f8becd51d641a5979e420efdc Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 1 May 2012 17:13:34 +1000 Subject: [PATCH] s3-smbd: Use security_session_user_level() rather than nt_token_check_sid() This allows the unix.whoami test to pass when configured as part of the AD DC. The struct auth_session_info is slightly different in the AD DC configuration when using auth_samba4. In particular, there is a distinction between Guest and Anonymous logins. Andrew Bartlett --- source3/smbd/trans2.c | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 63ee76bce9e..5cfbc3128bd 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3426,22 +3426,10 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned return NT_STATUS_BUFFER_TOO_SMALL; } - /* We ARE guest if global_sid_Builtin_Guests is - * in our list of SIDs. - */ - if (nt_token_check_sid(&global_sid_Builtin_Guests, - conn->session_info->security_token)) { + if (security_session_user_level(conn->session_info, NULL) < SECURITY_USER) { flags |= SMB_WHOAMI_GUEST; } - /* We are NOT guest if global_sid_Authenticated_Users - * is in our list of SIDs. - */ - if (nt_token_check_sid(&global_sid_Authenticated_Users, - conn->session_info->security_token)) { - flags &= ~SMB_WHOAMI_GUEST; - } - /* NOTE: 8 bytes for UID/GID, irrespective of native * platform size. This matches * SMB_QUERY_FILE_UNIX_BASIC and friends. -- 2.34.1